Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] SSL Fingerprint Matching
From: Toni Ruottu <toni.ruottu () iki fi>
Date: Thu, 6 Jan 2011 23:00:05 +0200

So the options are 1) send the file with nmap and have it work out of
box, 2) provide the file separately, and 3) provide a bigger nmap
deluxe release that has the file in it. What do you think is the way
to go?

On Thu, Jan 6, 2011 at 10:25 PM, Rob Nicholls <robert () robnicholls co uk> wrote:
Doh, you're totally right! NSIS's LZMA compression and the compressed Nmap
source code downloads wouldn't change the size of the resulting file no
matter whether the blacklist was stored compressed or uncompressed. It's
still significantly larger relative to the existing Nmap downloads.

Rob

-----Original Message-----
From: nmap-dev-bounces () insecure org [mailto:nmap-dev-bounces () insecure org]
On Behalf Of Toni Ruottu
Sent: 06 January 2011 20:21
To: Mak Kolybabi
Cc: nmap-dev; Arturo 'Buanzo' Busleiman
Subject: Re: [NSE] SSL Fingerprint Matching

Disk space is cheap, so we should not worry about disk space, right?.
Nmap releases are compressed, so having a compressed file in there does not
make it smaller. I am not sure if compressing the file would help.

On Thu, Jan 6, 2011 at 10:08 PM, Mak Kolybabi <mak () kolybabi com> wrote:
On 2011-01-06 22:01, Toni Ruottu wrote:
Nice work. Why are we worried about the fingerprint file size? Nmap
all ready ships with operating system detection and software version
identifying databases. How big do we expect the SSL fingerprint file to
become?

Depends on how much info we want to include with each fingerprint.
Right now, I've trimmed it down to the minimum of just saying where it
came from originally, removing all the model/manufacturer/version info.

The other thing that could make the file size balloon is including the
Debian SSL blacklist. I believe those are in the tens of megabytes.

--
Mak Kolybabi
<mak () kolybabi com>

() ASCII Ribbon Campaign | Against HTML e-mail /\  www.asciiribbon.org
| Against proprietary extensions


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]